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DETAILED ACTION 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

Claims 1-21 rejected under 35 U.S.C. 102(a) as being anticipated by Jansen et al. NIST 
Special Publication 800-19 - Mobile Agent Security (hereafter Jansen). 

1 . As per claims 1, 4, 6, 8, 11, Jansen teaches a mobile application (MA) security system 
(title, pg. 2 and section 3.2, bottom paragraph on page 9), comprising; one or more hosts 
connected to the server computer, each computer executing the mobile application that jumps 
between the hosts during execution(see pg. 2, pg. 17, section 4.1.4, 4.1.5), central computer for 
controlling the security of a MA(pg. 18-19 section 4.2 Protecting Agents); the central computer 
comprising means for monitoring the security of the MA as it jumps between hosts computers 
wherein the MA is communicated from a first host to a second host(see pg. 18-19 section 4.2 
protecting agents), wherein the security monitoring means further comprises means for detecting 
unwanted changes in the code associated with the MA when the MA is jumping between hosts 
(see pg. 6-7, section 2.3.4, pg. 10-11, section 3.3). 

2. As per claim 2, Jansen teaches wherein the detecting means further comprises means for 
storing a copy of each MA when the MA first passes thorough the server, means for receiving 
the MA after it is executed by another host, and means for comparing the code of the MA after it 
is executed by another host, to the stored copy of the MA to determine if changes have been 
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made to the code of the MA (Section 3.2, 3.3, pgs 9-11, section 4.2.2 Mutual Itinerary Recording 
teaches tracking and comparing the Itinerary list as it traverses the peers - Since Jansen discloses 
both central and distributed Central computer (see claim 1 above), this reads on using one stored 
copy for comparison purposes. Further to this point are the lists/tables, bottom list on page 14 
and top list on page 19, which disclose many possible countermeasure means - one skilled in the 
art would provide for a one-to-one code compare at a minimum). 

3. As per claim 3, Jansen teaches claim 1 wherein the detecting means further includes 
means for computing a checksum of the MA when the MA first passes through the server (pg. 
19-20, teach Public Key and PRAC which are "cryptographic checksums" and are checked for 
accuracy. Each reads on "checksum"), means for receiving the MA after it is executed by 
another host, means for comparing the checksum of the mobile application (page 17, Path 
Histories teaches adding a signed entry to the path which is used to verify validity of the 
MA/message) after it is executed by another host to the stored checksum of the mobile 
application to determine if changes have been made to the code of the mobile application(see 
section 2.3.4 pg. 6-7, section 3.2, 3.3. pg. 9-12, and pg. 16, Signed Code section teaches digital 
signature/ Authenticode which provides "code signing" to provide means for determining an 
authentic message or not) . 

4. With further regard to claim 4, Jansen teaches security monitoring means comprises 
preventing a host from transmitting hostile code in a MA to another host (pgs 9-10, section 3.2, 
pg. 18-19, section 4.2, pg. 19 top paragraph teaches IBM Aglets prevent receiving platform from 
accepting agents from an agent platform not defined as a trusted peer). 
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5. As per claims 5, wherein preventing means comprises determining if the host dispatching 
the mobile application is trusted (pages 18-19, Protecting Agents, teaches trusted peers via IBM 
Aglets and Claim 3 above teaches Signed Code which infers trust), means for saving the code of 
the MA and means, when requested by another node, for providing the code for the MA to the 
requesting node (page 13-14, Protecting Agent Platform section - broadly discloses "trusted 
communications for MA's" which inherently includes requesting of MA and transmission of 
MA), means for stripping the code from an initially received MA if the host is not trusted(see 
pgs. 18-19, section 4.2). The Examiner asserts that Jansen teaches stripping code, because 
Jansen teaches identifying a non-trusted machine (see previous claim rejections) and hence many 
options exist as to how to stay safe from said machine, i.e. do not communicate with it, only 
transmit to it, attempt to re-verify that it is a trusted machine, only communicate with certain 
machines, strip code. 

6. With further regard to claim 6, Jansen teaches security monitoring means comprises 
detecting unwanted changes in the state of the MA (page 17, State Appraisal teaches prevention 
of state corruption/modification). 

7. As per claim 7, Jansen teaches claim 6/15 wherein the detecting means further comprises 
means for saving a copy of the state of a MA received from a node that received the MA, means 
for receiving data about the same MA after a jump to another node and means for comparing the 
state of the MA after the jump to another node with the stored state of the MA to ensure that the 
state of the MA has not changed (page 17, section 4.1.4, 4.1.5). 
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8. With further regard to claim 8, Jansen teaches security monitoring means comprises 
detecting unwanted changes to the itinerary of the MA (page 21, Section 4.2.2, pg. 22-23, section 
4.2.4). 

9. As per claim 9, Jansen teaches wherein the detecting means further comprises means for 
saving a copy of the itinerary of a MA received from a node that received the MA, means for 
receiving the same MA after a jump to another node and means for comparing the itinerary of 
the MA after the jump to another node with the stored itinerary of the MA to ensure that the 
itinerary of the MA has not changed (page 21-22, section 4.2.2, 4.2.3). 

10. As per claim 10, Jansen teaches claim 8 wherein the itinerary comprises past historical 
itinerary data (page 17, Path Histories section AND page 21, Mutual Itinerary Recording and 
Itinerary Recording with Replication/Voting sections). 

1 1 . With further regard to claim 11, Jansen teaches receiving data about a mobile 
application via State Appraisal, Path Histories, Proof Carrying Code (pages 16-18), which 
provides data about the MA (and reads on the claim). 

12. As per claim 12, rejected under the same basis as claim 2. 

13. With further regard to claim 13, see claim 1, 4 and 1 1 rejections above. 

14. As per claim 14, it is rejected under the same basis as claim 5. 

15. With further regard to claim 15, see claim 1, 6 and 1 1 rejections above. 

16. As per claim 16, it is rejected under the same basis as per clam 7. 

17. With further regard to claim 17, see claim 1, 8 and 1 1 rejections above. 

18. As per claim 18, it is rejected under the same basis as claim 9. 

19. As per claim 19, it is rejected under the same basis as per claim 10. 
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20. With further regard to claim 20, see claim 1, 4 and 1 1 rejections above (note that a non- 
trusted host launching a MA reads on hostile code, as per claim 4 and is disclosed in Jansen). 

21. As per claim 21, limitations have been addressed(see claim 1). Further, Claim 21, Jansen 
is rejected for the central computer includes means for preventing untrusted hosts from initially 
launching mobile applications, because Jansen teaches that the mobile applications store 
checksums associated with them and if the checksum is not valid, one will not be able to execute 
the application(pg. 19-20). 



Response to Amendment 

The Applicant states that Jansen does not teach "the central computer further includes 
means for monitoring the security of the mobile application as it jumps between the host 
computers wherein when the mobile application is communicated from a first host to a second 
host, it passes through the central computer" as set forth in the claim. The Examiner disagrees 
with the Applicant, Jansen teaches that the Jumping beans agent system addressed security issues 
by implementing a client-server architecture, whereby an agent always returns to a secure central 
host before moving onto any other platform(see pg. 19). 
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22. The Applicant states that Jansen does not disclose the security monitoring means for 
detecting unwanted changes in the code associated with the mobile application when the mobile 
application is jumping between hosts. The Examiner disagrees since Jansen teaches a central 
host allowing tampering to be detected and prevented from accepting agents/code from someone 
not defined as a trusted peer(see pg. 19). 

23. The Applicant states that Jansen does not disclose the central computer detects unwanted 
changes in the code associated with the mobile application when the mobile application is 
jumping between hosts. The Examiner disagrees since Jansen teaches a secure central host 
which is interpreted as being capable of providing central security(see pg. 19). Further, Jansen 
discloses that a digital signature is included into the code, if the digital signature can verified 
than the agent has not been tampered with, if it cannot be verified that it has been tampered 
with(seepg. 16, 18). 

24. The Applicant states that Jansen does not teach that a central computer stores a copy of a 
mobile application and then compares it to the mobile application after execution by another 
host. The Examiner disagrees with the Applicant. Jansen teaches this, because Jansen teaches 
protecting against modification of code, i.e. comparing the original to the one received and 
section 4.2.2 Mutual Itinerary Recording teaches tracking and comparing the Itinerary list as it 
traverses the peers-Since Jansen teaches both central and distributed Central host(see pg. 19), 
this reads on using one stored copy for comparison purposes. 

25. The Applicant states that Jansen does not disclose means for stripping the code from an 
initially received mobile application if the host is not trusted, means for saving the code when 
requested by another host, and for providing the code for the mobile application to the requesting 
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host. The Examiner disagrees with the Applicant. Jansen teaches identifying a non-trusted 
machine and many options exist as to how to stay safe from the machine. Jansen teaches that 
one of the options that exist is to only communicate with certain machines, stripping the code(see 
pg. 13-14). 

Jansen teaches that the mobile applications store checksums associated with them and if 
the checksum is not valid, one will not be able to execute the application(pg. 19-20). 

26. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E Jackson whose telephone number is (703) 306-0426. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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